Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

3,740 advisories

Loading
jQuery-UI vulnerable to Cross-site Scripting in dialog closeText Moderate
CVE-2016-7103 was published for jQuery.UI.Combined (RubyGems) Oct 24, 2017
Cross Site Scripting (XSS) in plotly.js Moderate
CVE-2017-1000006 was published for plotly.js (npm) Oct 24, 2017
Regular Expression Denial of Service in is-my-json-valid High
CVE-2016-2537 was published for is-my-json-valid (npm) Oct 24, 2017
Regular Expression Denial of Service in moment Moderate
CVE-2016-4055 was published for moment (npm) Oct 24, 2017
High severity vulnerability that affects electron High
CVE-2016-1202 was published for electron (npm) Oct 24, 2017
Regular Expression Denial of Service in marked High
CVE-2015-8854 was published for marked (npm) Oct 24, 2017
Incorrect Handling of Non-Boolean Comparisons During Minification in uglify-js Critical
CVE-2015-8857 was published for uglifier (RubyGems) Oct 24, 2017
Regular Expression Denial of Service in uglify-js High
CVE-2015-8858 was published for uglify-js (npm) Oct 24, 2017
File Descriptor Leak Can Cause DoS Vulnerability in hapi High
CVE-2014-3742 was published for hapi (npm) Oct 24, 2017
Regular Expression Denial of Service in semver High
CVE-2015-8855 was published for semver (npm) Oct 24, 2017
Denial-of-Service Memory Exhaustion in qs High
CVE-2014-7191 was published for qs (npm) Oct 24, 2017
Directory Traversal in geddy High
CVE-2015-5688 was published for geddy (npm) Oct 24, 2017
Potential for Script Injection in syntax-error High
CVE-2014-7192 was published for syntax-error (npm) Oct 24, 2017
RDIL
Moderate severity vulnerability that affects validator Moderate
CVE-2013-7453 was published for validator (npm) Oct 24, 2017
Arbitrary JavaScript Execution in bassmaster Critical
CVE-2014-7205 was published for bassmaster (npm) Oct 24, 2017
VBScript Content Injection in marked Moderate
CVE-2015-1370 was published for marked (npm) Oct 24, 2017
Regular Expression Denial of Service in ms High
CVE-2015-8315 was published for ms (npm) Oct 24, 2017
SQL Injection in sequelize High
CVE-2015-1369 was published for sequelize (npm) Oct 24, 2017
Directory Traversal in send Low
CVE-2014-6394 was published for send (npm) Oct 24, 2017
Moderate severity vulnerability that affects handlebars Moderate
GHSA-fmr4-7g9q-7hc7 was published for handlebars (npm) Oct 24, 2017 withdrawn
Moderate severity vulnerability that affects ember Moderate
GHSA-vxp4-25qp-86qh was published for ember (npm) Oct 24, 2017 withdrawn
Moderate severity vulnerability that affects validator Moderate
CVE-2013-7452 was published for validator (npm) Oct 24, 2017
Cross-Site Scripting in mustache High
CVE-2015-8862 was published for mustache (npm) Oct 24, 2017
Moderate severity vulnerability that affects validator Moderate
GHSA-9959-c6q6-6qp3 was published for validator (npm) Oct 24, 2017 withdrawn
CORS Token Disclosure in crumb Moderate
CVE-2014-7193 was published for crumb (npm) Oct 24, 2017
ProTip! Advisories are also available from the GraphQL API